Prevent hack sms function |
Hi
I have a function in my API that send sms to user's mobile I try limit it by user IP But user can change IP and again send sms or hack it Do you have best way for limit sms for each user?
Sessions? Store it in a DB? MFA?
We'd need a little more information.
Codeigniter is simply one of the tools you need to learn to be a successful developer. Always add more tools to your coding arsenal!
Limit send sms by ip and user_id, or registered mobile number or email address.
Since the session can be reset, which will lead to re-registration, and the IP can be changed as gloves for example through Tor, I would do a code check via mail + phone and (QR Codes {Google auth or other}) . and for example kept something in localStorage through js as in a case with sessions.
I would change this world, but God doesn't give me the source.
|
Welcome Guest, Not a member yet? Register Sign In |